Windows

Securing Windows XP Home Edition

Posted by on Jan 27, 2005 | 2 Comments

Previously, I showed you how to stay virus free. In this mini guide, I will walk you through the simple steps of locking down a Windows XP Home Edition installation.

By default, Microsoft shipped Windows XP Home Edition without a password or account restriction on the Administrator account. The first thing you should do after installing Windows XP Home Edition is set a password on the administrator account. To do this, simply restart your computer in Safe Mode by restarting Windows and then holding down the “F8” key. Next, click “Administrator” on the welcome screen. Then go to Start, Control Panel. Click “User Accounts”. Click “Administrator”. Click “Create a password”. Create a unique password for the account, something no one should be able to easily guess or crack.

EXAMPLE: wxgui281@!&&02

Click OK, and then restart Windows back to its normal mode.

Next, you will want to make sure the Windows Firewall (called “Internet Connection Firewall” in pre-SP2 installations) is turned on. To do this, click Start, Control Panel, Network and Internet Connections. In Service Pack 2 or later, click Windows Firewall, and make sure it is set to ON. In Pre-SP2 installations, click Network Connections, right click on the LAN Connection or other connection that gives you Internet access, click the Settings tab, and make sure that the Internet Connection Firewall is enabled. This will prevent hackers from exploiting your system and snooping through your files.

Once this has been done, you will want to make sure Windows is up to date with the latest service pack and updates. To do this, simply open Internet Explorer, and then click “Tools”, and from the dropdown menu, click Windows Update. Install all the Critical Security Updates and any service packs available for your system. You should ensure that Windows XP Service Pack 2 is installed, as it provides new security features and updates which will keep your system safe from hackers.

OPTIONAL: Individual File Security

In Windows XP Professional, you have the option to disable Simple File Sharing, which in turn gives you the Windows 2000 style security tab on Files and Folders. In Windows XP Home Edition, the option to revert to the old style security tab is unavailable. To gain access to the feature, visit Kellys Korner and download WinFile.exe. This Windows utility from Windows NT 3.x / 4.0 will allow you to change individual security options on files and folders.

  • http://twitter.com/darryl_eaton Darryl Eaton

    Jake – thanks for soliciting community input. When you get a chance to try CloudFormation, you’ll notice that any configuration of a specific machine has to happen a) with scripts baked into the AMI, and b) with parameters passed through user data. So you still don’t get the nice ServerTemplate methodology of configuring and maintaining individual machines, nor can you run one-off “operational scripts” after the machine has already booted. CloudFormation definitely makes it easier to set up an environment (machines, load balancers, database), but it’s unclear how easy it will be to maintain that environment once it is up: https://forums.aws.amazon.com/thread.jspa?threadID=61219&tstart=0

  • http://twitter.com/edbyrne Ed Byrne

    We build a similar service to RightScale – http://www.digitalmines.com – simplifying AWS deployment and management. So is CloudFormation a threat? On the face of it – if all the eco-system does is provide simplification, or features that AWS has yet to launch but would logically be on their roadmap, yes, is very much is.

    I think the important point is that while AWS is a fantastic service, and they innovate at an incredible pace – managing infrastructure is a complicated process, and there’s more than just the IaaS piece to it. Providers like ourselves have the opportunity to simplify and manage the whole lifecycle of a customers deployment. Server provisioning, monitoring, intelligent management, patch management, runbook integration and automation, and so on. There is a whole horizontal, complimentary stack that adds value and is not threatened as AWS move vertically up the Cloud stack themselves.

    -Ed Byrne, CEO, Digital Mines